Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/nLIzuRK7TCcP25QYKym3XhrQ3o0.roa
File:                     nLIzuRK7TCcP25QYKym3XhrQ3o0.roa (raw, json)
Hash identifier:          ihMq8pFqachCePyKxhQ3IAXZHWKygcMACvHFMyp8aRs=
Subject key identifier:   9C:B2:33:B9:12:BB:4C:27:0F:DB:94:18:2B:29:B7:5E:1A:D0:DE:8D
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       018AB7A45F6BFAF1EE154D430041D49870B8
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/nLIzuRK7TCcP25QYKym3XhrQ3o0.roa
Signing time:             Thu 21 Sep 2023 12:08:37 +0000
ROA not before:           Thu 21 Sep 2023 12:08:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50158
IP address blocks:        2a0e:d603::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b7:a4:5f:6b:fa:f1:ee:15:4d:43:00:41:d4:98:70:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Sep 21 12:08:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9cb233b912bb4c270fdb94182b29b75e1ad0de8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:f9:fd:a4:f0:9a:9e:88:c8:db:b7:75:af:f7:
                    60:83:cf:0c:2b:90:c6:6d:50:bc:8f:d0:18:9f:4c:
                    62:6a:2b:16:08:8a:a3:6b:b1:62:5d:65:82:a1:4c:
                    9e:b3:d1:cc:39:7f:fc:b6:bd:b3:f0:d0:0e:89:a8:
                    e6:24:32:21:19:38:e2:51:80:76:f0:b2:e1:10:ac:
                    09:e6:70:f6:b6:f1:02:32:00:ce:2f:ba:54:43:08:
                    0c:8e:64:d0:6c:dd:f9:de:07:18:6e:7b:9f:b5:97:
                    0f:a7:69:48:12:56:c6:b2:34:ca:72:56:9c:8a:f0:
                    2f:b0:e1:63:11:a9:b1:e4:94:e0:59:2c:ae:77:23:
                    66:ff:41:f2:e7:10:31:82:2f:81:e8:4c:fa:c3:ef:
                    a8:6b:df:81:78:31:51:0e:8e:bc:89:a8:c3:85:21:
                    9e:89:1c:d9:b5:80:68:e1:a6:6e:7b:9f:38:a3:34:
                    47:25:b7:bc:b7:6d:18:1a:5d:2c:df:90:64:89:6a:
                    e7:08:63:25:77:fa:dd:e9:be:4f:1f:cb:61:24:dc:
                    9d:bb:87:14:2a:d4:db:be:62:56:94:3f:30:62:7f:
                    70:91:e6:2f:c8:a4:fe:38:2e:53:13:4d:4b:ed:66:
                    41:bd:2c:3f:f4:df:11:c5:0b:4d:ec:9e:a6:08:f4:
                    cf:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:B2:33:B9:12:BB:4C:27:0F:DB:94:18:2B:29:B7:5E:1A:D0:DE:8D
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/nLIzuRK7TCcP25QYKym3XhrQ3o0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:d603::/32

    Signature Algorithm: sha256WithRSAEncryption
         91:c5:4b:33:76:a2:49:77:85:2c:8c:d5:47:5b:89:db:35:5a:
         20:b4:3e:ec:8b:ed:96:3c:9a:30:10:96:cf:46:ea:42:2b:a2:
         6f:17:05:85:e4:6a:8d:d4:62:17:76:c3:a8:2f:1d:ae:14:2b:
         11:97:73:3c:aa:17:a4:d7:fc:75:f0:4b:7f:c4:1d:b2:f9:33:
         34:bb:8e:b7:ac:a4:9e:70:0c:a4:e5:cc:6a:5a:ed:4a:ce:5d:
         4d:95:57:21:13:d2:4c:63:af:3b:73:a4:ec:ab:5a:54:15:10:
         c8:26:4b:df:6e:96:dd:25:35:e3:a2:6f:00:ea:51:b4:99:86:
         8b:4a:71:31:00:4a:56:43:40:82:d1:3d:bf:42:d8:4f:9f:54:
         f3:0e:31:59:a1:66:30:89:02:2e:0b:77:c5:21:9e:68:1d:95:
         dd:e9:df:5a:0d:46:a8:4e:f1:d8:7a:ff:27:dc:ff:49:a9:2d:
         90:98:e7:55:04:f1:c5:1b:bd:1f:c7:6d:e6:87:ce:7d:8b:3c:
         dd:26:32:2b:fe:45:2d:d0:e0:8b:a4:fb:8d:d5:c7:e8:2b:6f:
         56:87:fa:86:61:62:fc:8e:66:0c:b8:58:e2:bd:fe:df:43:f9:
         17:ae:1a:5d:f3:c6:02:1c:a3:3c:fb:c0:e7:1f:99:b5:8b:8c:
         63:41:4d:e6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYq3pF9r+vHuFU1DAEHUmHC4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwOTIxMTIwODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2IyMzNiOTEyYmI0YzI3MGZkYjk0MTgyYjI5Yjc1ZTFhZDBkZThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vn9pPCanojI27d1r/dgg88MK5DG
bVC8j9AYn0xiaisWCIqja7FiXWWCoUyes9HMOX/8tr2z8NAOiajmJDIhGTjiUYB2
8LLhEKwJ5nD2tvECMgDOL7pUQwgMjmTQbN353gcYbnuftZcPp2lIElbGsjTKclac
ivAvsOFjEamx5JTgWSyudyNm/0Hy5xAxgi+B6Ez6w++oa9+BeDFRDo68iajDhSGe
iRzZtYBo4aZue584ozRHJbe8t20YGl0s35BkiWrnCGMld/rd6b5PH8thJNydu4cU
KtTbvmJWlD8wYn9wkeYvyKT+OC5TE01L7WZBvSw/9N8RxQtN7J6mCPTPjwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJyyM7kSu0wnD9uUGCspt14a0N6NMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvbkxJenVSSzdUQ2NQMjVRWUt5bTNYaHJRM28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg7WAzAN
BgkqhkiG9w0BAQsFAAOCAQEAkcVLM3aiSXeFLIzVR1uJ2zVaILQ+7IvtljyaMBCW
z0bqQiuibxcFheRqjdRiF3bDqC8drhQrEZdzPKoXpNf8dfBLf8QdsvkzNLuOt6yk
nnAMpOXMalrtSs5dTZVXIRPSTGOvO3Ok7KtaVBUQyCZL326W3SU146JvAOpRtJmG
i0pxMQBKVkNAgtE9v0LYT59U8w4xWaFmMIkCLgt3xSGeaB2V3enfWg1GqE7x2Hr/
J9z/SaktkJjnVQTxxRu9H8dt5ofOfYs83SYyK/5FLdDgi6T7jdXH6CtvVof6hmFi
/I5mDLhY4r3+30P5F64aXfPGAhyjPPvA5x+ZtYuMY0FN5g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:11 2024 by rpki-client on console-ams.rpki-client.org